Re: [PATCH] KVM: VMX: Enable Notify VM exit

[Xiaoyao Li]

On 11/3/2020 2:12 PM, Tao Xu wrote:
> On 11/3/20 6:53 AM, Jim Mattson wrote:
> > On Sun, Nov 1, 2020 at 10:14 PM Tao Xu <tao3.xu@xxxxxxxxx> wrote:
> > > There are some cases that malicious virtual machines can cause CPU stuck
> > > (event windows don't open up), e.g., infinite loop in microcode when
> > > nested #AC (CVE-2015-5307). No event window obviously means no events,
> > > e.g. NMIs, SMIs, and IRQs will all be blocked, may cause the related
> > > hardware CPU can't be used by host or other VM.
> > >
> > > To resolve those cases, it can enable a notify VM exit if no
> > > event window occur in VMX non-root mode for a specified amount of
> > > time (notify window).
> > >
> > > Expose a module param for setting notify window, default setting it to
> > > the time as 1/10 of periodic tick, and user can set it to 0 to disable
> > > this feature.
> > >
> > > TODO:
> > > 1. The appropriate value of notify window.
> > > 2. Another patch to disable interception of #DB and #AC when notify
> > > VM-Exiting is enabled.
> > >
> > > Co-developed-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
> > > Signed-off-by: Tao Xu <tao3.xu@xxxxxxxxx>
> > > Signed-off-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
> >
> > Do you have test cases?

yes we have. The nested #AC (CVE-2015-5307) is a known test case, though 
we need to tweak KVM to disable interception #AC for it.

> Not yet, because we are waiting real silicon to do some test. I should 
> add RFC next time before I test it in hardware.